September 19, 2017

Are Your Physical Security Measures Fit for the Cyber World?

Protecting against cyber sabotage is an essential component in managing overall risk for a facility. Cybersecurity and physical security are becoming even more interconnected—but are your physical security measures themselves protected?

Many physical security solutions now incorporate a digital element that needs securing like any other cyber system. For example, consider the security cameras used to monitor points of entry and assets at a facility. Some security cameras can be connected to each other and to a monitoring station over Wi-Fi or an Ethernet connection into the existing network. These features allow for easier setup and installation, as new communication wiring does not need to be run for each individual camera. But this convenience brings a potential exposure: if the cameras don’t include security software, or if that software is not maintained, malicious actors could exploit the resulting vulnerabilities to disable the camera, install malware, or even intercept or spoof the video stream.

Any device that can connect to a network becomes part of the “Internet of Things” (IoT), and is potentially susceptible to exploitation by an outside party. Some other examples of devices that might have network connections are multifunction printers, inventory scanners, or process control systems with web-based management.

Best practices for securing devices that can be connected to a network (regardless of whether the feature is being used or not) include disabling default connections and default settings, changing default usernames and passwords, checking for and applying firmware and software updates as soon as they are available, and following a policy of least privilege access. For an increased level of security, place the devices in an isolated network and administer access to that network segment accordingly.
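The checklist above, turned into a small inventory audit. This is an added example, not part of the original article; the inventory fields, device names, addresses, firmware versions and the isolated segment 10.50.0.0/24 are all constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumption: the isolated device segment and all inventory values are constructed.
ISOLATED_SEGMENT = ip_network("10.50.0.0/24")

@dataclass
class Device:
    name: str
    ip: str
    default_credentials: bool   # factory username/password still active
    unused_interfaces: tuple    # network features enabled but not in use
    firmware: str               # installed version, dotted numeric
    latest_firmware: str        # newest version published by the vendor
    admin_accounts: int         # accounts holding full administrative rights

def version(v):
    """Turn '2.10.1' into (2, 10, 1) so that 2.10 sorts after 2.9."""
    return tuple(int(p) for p in v.split("."))

def audit(dev, max_admins=1):
    """Return the list of best-practice findings for one device."""
    findings = []
    if dev.default_credentials:
        findings.append("default username/password not changed")
    if dev.unused_interfaces:
        findings.append("unused connections enabled: " + ", ".join(dev.unused_interfaces))
    if version(dev.firmware) < version(dev.latest_firmware):
        findings.append(f"firmware {dev.firmware} behind {dev.latest_firmware}")
    if dev.admin_accounts > max_admins:
        findings.append(f"{dev.admin_accounts} admin accounts (least privilege)")
    if ip_address(dev.ip) not in ISOLATED_SEGMENT:
        findings.append(f"{dev.ip} outside isolated segment {ISOLATED_SEGMENT}")
    return findings

# Constructed sample inventory: one compliant camera, two devices with gaps.
INVENTORY = [
    Device("gate-camera-1", "10.50.0.11", False, (), "2.10.1", "2.10.1", 1),
    Device("dock-camera-2", "192.168.1.40", True, ("wifi",), "2.9.4", "2.10.1", 3),
    Device("office-printer", "192.168.1.77", False, ("ftp", "wifi"), "5.0.0", "5.0.0", 1),
]

def audit_all(inventory):
    return {d.name: audit(d) for d in inventory}

if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY).items():
        print(name, "OK" if not findings else "")
        for f in findings:
            print("  -", f)
```

Unused network features are flagged even when nothing is connected to them, matching the point that a feature should be secured regardless of whether it is being used.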

A device that is not used for a cyber purpose is not necessarily immune to a cyber-attack.

Reference: CFATS Quarterly